LDAP_Base_DN needs OU Group #2080

New Issue

OVERLORD · 2026-02-05T02:50:45+03:00

OVERLORD commented

2026-02-05 02:50:45 +03:00

Originally created by @rneissl on GitHub (Feb 5, 2021).

Hello,

BookStack v0.31.4

we have tried every possible combination to setup LDAP connection to our Windows 2019 Domain.
The only way we got this to work is include OU in BASE_DN -> LDAP_BASE_DN=OU=BAB,DC=bab,DC=network
But we have other groups on the same Level (guest, users) and therefor is is not possible for users in that groups to log in.

In our case the should point to LDAP_BASE_DN=DC=bab,DC=network; But this doesnt work.

ErrorException
ldap_search(): Search: Operations error; app/Auth/Access/Ldap.php:55

Suggestion: can you make working both log variants (standard & ldap) ? if a use tries to log in, check LDAP and if the anser is false try standard?

with that setup a mix of domain members and extern users would be much more easier to maintain.

By the way - your applikation is awesome, you did a great job.

Originally created by @rneissl on GitHub (Feb 5, 2021). Hello, BookStack v0.31.4 we have tried every possible combination to setup LDAP connection to our Windows 2019 Domain. The only way we got this to work is include OU in BASE_DN -> LDAP_BASE_DN=OU=BAB,DC=bab,DC=network But we have other groups on the same Level (guest, users) and therefor is is not possible for users in that groups to log in. In our case the should point to LDAP_BASE_DN=DC=bab,DC=network; But this doesnt work. ErrorException ldap_search(): Search: Operations error; app/Auth/Access/Ldap.php:55 Suggestion: can you make working both log variants (standard & ldap) ? if a use tries to log in, check LDAP and if the anser is false try standard? with that setup a mix of domain members and extern users would be much more easier to maintain. By the way - your applikation is awesome, you did a great job.

OVERLORD closed this issue

2026-02-05 02:50:49 +03:00

OVERLORD commented

2026-02-05 02:50:54 +03:00

@ssddanbrown commented on GitHub (Feb 6, 2021):

Hi @rneissl,

I don't have a way to test on Windows systems to hand, But I can connect fine on my dev OpenLDAP instance with only a dc-based LDAP_BASE_DN.

For the LDAP_DN value, are you using a complete DN path to the user?

@ssddanbrown commented on GitHub (Feb 6, 2021): Hi @rneissl, I don't have a way to test on Windows systems to hand, But I can connect fine on my dev OpenLDAP instance with only a dc-based `LDAP_BASE_DN`. For the `LDAP_DN` value, are you using a complete DN path to the user?

OVERLORD commented

2026-02-05 02:50:57 +03:00

@ssddanbrown commented on GitHub (Apr 19, 2021):

Since there's been no follow-up I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue, referencing this one.

@ssddanbrown commented on GitHub (Apr 19, 2021): Since there's been no follow-up I'm going to close this. If the issue remains and is something you still require to be fixed please open a new issue, referencing this one.

OVERLORD commented

2026-02-05 02:51:02 +03:00

@ADMDW commented on GitHub (Sep 28, 2021):

Try this:
LDAP_BASE_DN=DC=bab,DC=network
LDAP_FOLLOW_REFERRALS=false

@ADMDW commented on GitHub (Sep 28, 2021): Try this: LDAP_BASE_DN=DC=bab,DC=network LDAP_FOLLOW_REFERRALS=**false**

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#2080